Risk Management

Risk Management Structure

See "Integrated Report" page 28 regarding our Group’s risk management structure. The status of activities in fiscal 2021 of the Risk Management Committee, an organization that discusses and approves issues and measures related to the promotion of company-wide risk management, is as follows.

Risk Management Committee

The Risk Management Committee held four meetings in fiscal 2021, at which instructions were given to confirm the major risk categories selected in the previous year, and to implement additional measures to be considered. These areas of risk were specified as: our response to raw materials procurement risks, carbon neutral simulation, and information security incident response measures. Instructions were then given to the individual risk management divisions and each business unit. As for the major risk categories to be addressed in fiscal 2022, based on a survey of officers overseeing business segment and interviews with the President, six areas of risk were selected: disasters, accidents, and pandemics; raw material supply issues and price fluctuations; product quality; environmental impact reduction measures; compliance with laws and regulations; and information security incidents.

Business Continuity Plans (BCPs)

Of the foreseeable disasters and accidents that could occur, we regard earthquakes; explosions, fires, and leaks; storm and flood damage, and pandemics as major emergencies. We prepare BCPs designed to ensure the continuity of business when such emergencies occur, and share these with our clients as needed. Thus far, we have implemented measures such as ensuring adequate inventories of products and raw materials, ensuring redundancy with our production systems, augmenting our supplies of spare parts, and systematizing our restoration structures. With the cooperation of our suppliers, we are also confirming BCP upstream in the supply chain and examining additional countermeasures, while expanding the introduction of a predictive anomaly management system based on AI and IoT technologies as a preventive measure against fires and explosions that could occur in our Group.

Our response to the spread of infections with COVID-19 since 2020 has included the establishment of a COVID-19 Emergency Taskforce and a countermeasures secretariat at our head office, which operate flexibly as we deliberate measures to be taken in response to the state of the contagion, such as issuing notices as appropriate. We also consider the operation of these two bodies in revising our Companywide COVID-19 Infection Countermeasures Manual as needed. We also refer to this manual in our work of formulating a response framework and action plan for each of our subsidiaries in consideration of the differences in laws, regulations and industry rules for the country in which each is located.

We recognize that the frequency with which disasters and incidents that we regard as major emergencies occur, as well as the magnitude and extent of their impacts, is changing every year as a result of advances in science and technology and the effects of climate change. As such, every year we verify the adequacy of our BCPs based on the latest information. Moving forward, we will continue to reassess our BCPs and provide training.

Information Security

We retain an extensive array of personal information on customers, shareholders, employees, and others. In addition to personal information, we also retain trade secrets and other confidential information relating to our business partners. All of this is critical information that must never be leaked to outside parties, and we have therefore improved security in the operation of our information systems, including measures against cyber attacks, phishing sites, unauthorized intrusion, and malware infection, and have taken thorough measures to prevent leaks. In fiscal 2021, as part of our ongoing efforts to strengthen measures against cyber-attacks, we thoroughly addressed vulnerabilities, took countermeasures against new threats, systematically transitioned products for which support had ceased, and took steps including introduction of a security incident detection tool based on our standards at SB-Kawasumi Laboratories, Inc. In addition, we sent out alerts regarding security risks to business sites overseas as well as in Japan, and conducted security education for all Group PC users in Japan and overseas on the theme of ransomware and business e-mail fraud.

We have established the Computer Security Incident Response Team of Sumitomo Bakelite Co., Ltd. (SUMIBE-CSIRT). Under both normal circumstances and when incidents arise, SUMIBE-CSIRT works together with the Corporate General Affairs Division, Information Systems & Data Processing Department, Personnel Division, Intellectual Property Department, and other relevant departments to respond to information security incidents.

情報セキュリティ事故対策体制

Call or email us about Sustainability